Jeepers Peepers: WP Syslog
Jeepers Peepers provides an extensible interface for recording WordPress events — user logins, file uploads, post deletions, etc. — to a standard system log.
The resulting audit trail can then be incorporated into powerful log-monitoring tools like OSSEC for pre-emptive protection and, in the unfortunate event of a hack, used as a vital reference in the post-mortem investigation.
The following events are automatically logged:
- Content:
wp_die()triggered; - Content: attachment deleted;
- Content: attachment sideloaded;
- Content: attachment uploaded;
- Content: post deleted;
- Content: post published;
- Network: GET, HEAD, POST, etc., requests;
- Plugin: activated;
- Plugin: deactivated;
- Plugin: upgraded;
- User: deleted;
- User: login banned (via Apocalypse Meow);
- User: login failed;
- User: login succeeded;
- User: new user;
- User: password reset;
Each log entry records:
- UTC timestamp;
- Severity level;
- User IP address (or
127.0.0.1if automated); - Logged in username (if applicable);
- Event message;
It will look something like this:
WordPressAudit 2017-05-24 16:35:45 [warning] yourdomain.com 68.256.55.123 "tiffany" "Deactivated plugin: look-see-security-scanner"
Requirements
- WordPress 4.7 or later.
- PHP 7.3 or later.
- Linux host.
- Single-site instance.
- Log file must be writeable by WordPress.
Please note: it is not safe to run WordPress atop a version of PHP that has reached its End of Life. Future releases of this plugin might, out of necessity, drop support for old, unmaintained versions of PHP. To ensure you continue to receive plugin updates, bug fixes, and new features, just make sure PHP is kept up-to-date. 🙂
Privacy Policy
Jeepers Peepers records CMS events such as post and plugin changes to a standard system log for security and audit purposes. Where possible, these entries include the public IP address and/or WordPress username of the individual responsible.
This plugin does not send any of this information to remote locations or third parties.
Please note: Jeepers Peepers DOES NOT integrate with any WordPress GDPR “Personal Data” features. (Selective erasure of audit logs would undermine the very purpose of this plugin! Haha.)